Hi,
> Yes I have read that part and also seen the code examples.
> It does not scale well to hardcode what Vlan a user is a member of in
> thecustom.pm <http://custom.pm>.
>
* spoiler alert * ;)
We plan to change the current Custom VLAN implementation into a
'strategy' pattern where in the configuration you choose your VLAN
assignment technique and we instantiate a different object at run-time
implementing the strategy you have chosen.
custom will stay and we might add something like per-node, per-switch
(our current default), per-ssid and per-user or something. Then in
pf.conf under [vlan] you say something like technique=per-node and the
per-node technique will be applied for your environment.
But this is not right now, only in the future so back to your original
question.
> The problem with the code examples is that i only get a node object, and can
> do stuff on the node. That means that the
>
> username is what i get but i would need the whole user, so i could for
> example use the notes field of the user to send the user to
> diffrent costomVlans.
Be careful, username is only relevant to 'authenticated' connections
like wired / wireless 802.1X otherwise username only contains the MAC or
worse is empty (in port-security mode for instance).
>
> I probably will have to implement something that reads a flatfile with the
> usernames and customvlans, and then
>
> edit that flatfile for every user i add.
>
> Anyone out there that has done this, and has a good soloution for it?
Why don't you add a 'use pf::person;' and in the custom code do
something like this:
$person_info = person_view($node_info->{'pid'});
if (defined($person_info->{'notes'}) && $person_info->{'notes'} =~ /^\d+/) {
return $person_info->{'notes'};
}
You pull the entire person record. This is only adds one SQL request per
VLAN assignment.
Make sure to handle 'invalid' notes fields and also the special case pid
= 1 (assigned by default to all nodes not yet authenticated).
If you have code specific questions, feel free to ask them over in
packetfence-devel.
Cheers!
--
Olivier Bilodeau
[email protected] :: +1.514.447.4918 *115 :: www.inverse.ca
Inverse inc. :: Leaders behind SOGo (www.sogo.nu) and PacketFence
(www.packetfence.org)
------------------------------------------------------------------------------
Xperia(TM) PLAY
It's a major breakthrough. An authentic gaming
smartphone on the nation's most reliable network.
And it wants your games.
http://p.sf.net/sfu/verizon-sfdev
_______________________________________________
Packetfence-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/packetfence-users
